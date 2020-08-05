Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Submitted by Roy Schestowitz on Tuesday 1st of September 2020 12:43:04 AM Filed under
Security
  • Security updates for Monday

    Security updates have been issued by Debian (bacula, bind9, freerdp, libvncserver, lilypond, mupdf, ndpi, openexr, php-horde, php-horde-core, php-horde-gollem, php-horde-kronolith, ros-actionlib, thunderbird, and xorg-server), Fedora (golang-github-ulikunitz-xz and qt), Gentoo (bind, chrony, ghostscript-gpl, kleopatra, openjdk, and targetcli-fb), Mageia (ark, evolution-data-server, fossil, kernel, kernel-linus, and thunderbird), openSUSE (apache2, graphviz, grub2, inn, librepo, and xorg-x11-server), Oracle (firefox), and Red Hat (git).

  • Microsoft, Oracle, and Google top list of companies with most vulnerabilities disclosed in Q2

    The number of vulnerabilities being disclosed by major technology companies is returning to normal levels after a lower-than-usual first quarter, due in no small part to the disruption from the coronavirus pandemic.

  • X-XSS-Protection – Secure Apache from Cross-Site Scripting

    Cross-Site Scripting (Also known as XSS) is a client-side attack by injecting malicious scripts to the web application. After that your application will be the carrier of the malicious scripts to reach the other users browser. In that case, the other user’s browser will understand the malicious scripts served from a trusted sources and will execute the script

  • Notes From the Chaos Communication Camp

    The Chaos Communication Camp happens every four years. The trouble is, every four years its attendance seems to double. This year the group that organizes the camp, the Chaos Computer Club, is struggling to accommodate 4,500 camping hackers.

    The camp is being held in the German countryside at the site of a large 19th-century factory that once supplied Berlin with its terracotta roof tiles. I make it there by train and local bus on the second day of the event, and late that night pitch a tent in the middle of a spectacular lightning storm. The electrical grid that snakes through every part of the camp’s 20 odd acres withstands the deluge of water: There are no fires or electrocutions. Only the inside of my tent gets wet; there’s a vent at the top I can’t find the cover for.

»

More in Tux Machines

today's howtos

Pushing pixels to your Chromebook

Having a comprehensive and accelerated graphics stack is essential in today's world. But where would we be without one, or how do we as developers handle the lack or instability of drivers during very early hardware bring up? Simple - we use drivers which do all the rendering via the CPU. An interesting fact is that during the dawn of 3D graphics CPU rendering was not uncommon. With time, GPU devices became more popular, powerful and cheaper. Thus CPU (software) rendering, is not so wide spread these days and mainly used as a fallback. Within this article, we'll provide a high-level introduction of the Linux graphics stack, how it is used within ChromeOS and the work done to improve software rendering (while simultaneously improving GPU rendering, by reducing the boilerplate needed in applications). Read more

Postfix vs. Sendmail

Postfix and Sendmail are in the same category of Mail Transfer Agents. When selecting the MTA (Mail Transfer Agent) for your system, to choose the best option that meets your needs, you must consider a few important features, such as performance, security, documentation, and feasibility. Read more

Servers Leftovers

           
  • COVID-19 Pandemic Forces Reckoning with Cloud Costs

    While cloud applications are both more accessible and more resilient than on-premises applications, the cost of migrating applications to the cloud is substantial. In the wake of the economic downturn brought on by the pandemic, there’s naturally now a lot more focus on those costs. To help IT organizations better assess those costs, the Linux Foundation has launched the FinOps Foundation, a consortium dedicated to identifying best practices to rein in IT costs.

    •        
  • Announcing the General Availability of Bottlerocket, an open source Linux distribution built to run containers

    As our customers increasingly adopt containers to run their workloads, we saw a need for a Linux distribution designed from the ground up to run containers with a focus on security, operations, and manageability at scale. Customers needed an operating system that would give them the ability to manage thousands of hosts running containers with automation. Meet Bottlerocket, a new open source Linux distribution that is built to run containers. 

    •         
  • KubeCon + CloudNativeCon Europe 2020

    This year I managed to partecipate to KubeCon + CloudNativeCon Europe 2020. As you can imagine, the conference did not happen in real life, but it was converted to an online conference. More virtual conferences I attend to, more I understand the limits and the advantages of them compared to real conferences. In this particular conference, I realized that one of the biggest problems I have with virtual conferences is that, during the conference, the conference events and talks add to your usual events and meetings, making it impossible to follow all events you wanted to follow.

    •        
  • Increasing the Kubernetes Support Window to One Year

    Starting with Kubernetes 1.19, the support window for Kubernetes versions will increase from 9 months to one year. The longer support window is intended to allow organizations to perform major upgrades at a time of the year that works the best for them. This is a big change. For many years, the Kubernetes project has delivered a new minor release (e.g.: 1.13 or 1.14) every 3 months. The project provides bugfix support via patch releases (e.g.: 1.13.Y) for three parallel branches of the codebase. Combined, this led to each minor release (e.g.: 1.13) having a patch release stream of support for approximately 9 months. In the end, a cluster operator had to upgrade at least every 9 months to remain supported. A survey conducted in early 2019 by the WG LTS showed that a significant subset of Kubernetes end-users fail to upgrade within the 9-month support period.

  • Introducing IDE support for Apache Camel K Modeline

    Apache Camel K is a lightweight integration framework built on Apache Camel that runs natively on Kubernetes. Camel K is designed explicitly for serverless and microservices architectures and allows you to run an integration written in Camel DSL on your cloud. Since Apache Camel K 1.0.0, it has been possible to specify the configuration options for starting an integration route using Apache Camel K Modeline. Just place a single comment line, // camel-k:, at the top of your config file. Using this method allows you to specify a relatively complex integration project in a single file. Until now, you could only access these configuration options through the command line. In this article, I introduce the new IDE support for Apache Camel K’s Modeline configuration.

  • 10 Years of OpenStack – Shane Wang at Intel

    Storytelling is one of the most powerful means to influence, teach, and inspire the people around us. To celebrate OpenStack’s 10th anniversary, we are spotlighting stories from the individuals in various roles from the community who have helped to make OpenStack and the global Open Infrastructure community successful.

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6